VBS/Generic virus

Post by MartinWellock on Wed 02 Mar 2011, 4:34 am

OTL logfile created on: 01/03/2011 17:01:40 - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Users\user\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 105.39 Gb Free Space | 70.71% Space Free | Partition Type: NTFS
Drive E: | 465.65 Gb Total Space | 427.03 Gb Free Space | 91.71% Space Free | Partition Type: FAT32

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/01 16:58:54 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.com
PRC - [2011/01/07 01:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 01:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/06 15:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/15 17:07:50 | 003,117,200 | R--- | M] (Carbonite, Inc. ([You must be registered and logged in to see this link.] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2010/12/15 17:07:48 | 000,917,648 | R--- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2009/10/31 05:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/07/16 15:35:42 | 005,458,704 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Logitech Vid\Vid.exe
PRC - [2009/07/14 01:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 01:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/04/07 09:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe


========== Modules (SafeList) ==========

MOD - [2011/03/01 16:58:54 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.com
MOD - [2010/08/21 05:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/02/18 11:24:11 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/12/15 17:07:50 | 003,117,200 | R--- | M] (Carbonite, Inc. ([You must be registered and logged in to see this link.] [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe -- (CarboniteService)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/07/14 01:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 01:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 15:27:54 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/03 15:24:18 | 000,021,072 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/03 15:24:16 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/03 15:24:12 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2009/10/07 08:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 300(UVC)
DRV - [2009/10/07 08:47:55 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 08:46:12 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/07/13 23:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 22:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/06/10 21:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0F 92 7F E4 17 D0 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2011/02/26 10:09:26 | 000,000,000 | ---D | M]

[2011/02/18 14:56:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/18 14:56:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/02/18 14:56:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/02/18 14:56:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKCU..\Run: [Epson Stylus SX510W(Network)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPSON SX510W Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/08/10 15:40:34 | 000,000,103 | ---- | M] () - E:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)


========== Files/Folders - Created Within 30 Days ==========

[2011/02/28 03:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/02/26 15:58:02 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Google
[2011/02/26 15:57:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011/02/26 15:56:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/02/26 13:45:24 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\LogiShrd
[2011/02/26 13:44:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Leadertech
[2011/02/26 13:44:12 | 006,756,632 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\drivers\lvuvc.sys
[2011/02/26 13:44:12 | 000,539,160 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\LVUI2RC.dll
[2011/02/26 13:44:12 | 000,539,160 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\LVUI2.dll
[2011/02/26 13:44:12 | 000,416,280 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\lvcodec2.dll
[2011/02/26 13:43:59 | 000,266,008 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\drivers\lvrs.sys
[2011/02/26 13:43:58 | 000,199,192 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\lvci12101110.dll
[2011/02/26 13:43:58 | 000,114,712 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\drivers\lvpopflt.sys
[2011/02/26 13:42:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011/02/26 13:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2011/02/26 10:19:38 | 003,033,192 | ---- | C] (Piriform Ltd) -- C:\Users\user\Documents\ccsetup304.exe
[2011/02/26 10:15:29 | 006,533,584 | ---- | C] (Xobni) -- C:\Users\user\XobniSetup.exe
[2011/02/26 10:15:29 | 000,000,000 | ---D | C] -- C:\Users\user\Xobni
[2011/02/26 10:12:31 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/02/26 10:10:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/02/26 10:09:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2011/02/26 10:08:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/02/26 09:53:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\AVG10
[2011/02/26 09:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/02/26 09:28:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011/02/26 09:28:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/02/26 09:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/02/26 09:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/02/26 09:07:48 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/02/26 09:05:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011/02/26 09:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/02/26 09:04:31 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/02/23 07:45:09 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/02/23 07:45:09 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/02/21 14:50:01 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ElevatedDiagnostics
[2011/02/21 14:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2011/02/21 13:40:34 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/02/21 13:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/02/21 13:34:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/02/21 10:03:15 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Epson
[2011/02/21 09:49:02 | 000,135,168 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EEBAPI.dll
[2011/02/21 09:49:02 | 000,110,592 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EEBDSCVR.dll
[2011/02/21 09:49:02 | 000,077,824 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EBAPI.dll
[2011/02/21 09:49:02 | 000,065,536 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EEBUtil.dll
[2011/02/21 09:49:02 | 000,055,808 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EEBSDKIF.dll
[2011/02/21 09:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2011/02/21 09:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2011/02/21 09:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
[2011/02/21 09:35:18 | 000,474,892 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppmon.dll
[2011/02/21 09:35:18 | 000,474,892 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppmon.dll
[2011/02/21 09:35:18 | 000,457,611 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppui.dll
[2011/02/21 09:35:18 | 000,457,611 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppui.dll
[2011/02/21 09:35:18 | 000,249,344 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enspres.dll
[2011/02/21 09:35:18 | 000,249,344 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enpres.dll
[2011/02/21 09:31:41 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICSDK2.dll
[2011/02/21 09:31:41 | 000,120,992 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EpPicPrt.dll
[2011/02/21 09:31:41 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICEntry.dll
[2011/02/21 09:31:41 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICSDK.dll
[2011/02/21 09:31:40 | 000,071,840 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EPPicMgr.dll
[2011/02/21 09:31:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\InstallShield
[2011/02/21 09:27:35 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL
[2011/02/21 09:27:00 | 000,093,696 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBFIE.DLL
[2011/02/21 09:26:35 | 000,079,360 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BFIE.DLL
[2011/02/21 09:24:04 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2011/02/21 09:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2011/02/21 09:19:24 | 000,342,016 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\eswiaud.dll
[2011/02/21 09:19:24 | 000,128,392 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esdevapp.exe
[2011/02/21 09:19:24 | 000,015,872 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\escdev.dll
[2011/02/19 18:52:16 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\OneNote Notebooks
[2011/02/19 18:40:41 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Magic Briefcase
[2011/02/19 18:40:21 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\SugarSync Shared Folders
[2011/02/19 18:39:29 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\SugarSync
[2011/02/19 18:39:17 | 000,000,000 | ---D | C] -- C:\Program Files\SugarSync
[2011/02/19 14:21:18 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\BitTorrent
[2011/02/19 13:48:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2011/02/19 09:36:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Diagnostics
[2011/02/18 15:14:53 | 000,000,000 | ---D | C] -- C:\Users\user\Carbonite Restored OLD User Settings
[2011/02/18 15:00:03 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom International B.V
[2011/02/18 14:59:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/02/18 14:59:47 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Firewall Plus
[2011/02/18 14:59:46 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011/02/18 14:59:19 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/02/18 14:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011/02/18 14:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/02/18 14:56:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/02/18 14:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2011/02/18 14:50:58 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011/02/18 14:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/02/18 14:50:20 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011/02/18 14:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2011/02/18 14:46:37 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet
[2011/02/18 14:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2011/02/18 14:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2011/02/18 14:42:42 | 000,000,000 | ---D | C] -- C:\Program Files\Easy CD-DA Extractor 2010
[2011/02/18 14:42:25 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/02/18 14:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/02/18 14:42:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2011/02/18 14:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/02/18 14:41:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011/02/18 14:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2011/02/18 14:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2011/02/18 14:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/02/18 14:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011/02/18 14:39:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2011/02/18 14:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/02/18 14:38:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/02/18 14:37:46 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/02/18 14:37:45 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced Registry Optimizer
[2011/02/18 14:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 6.0 Sprint
[2011/02/18 14:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011/02/18 14:37:26 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/02/18 14:37:21 | 000,000,000 | R--D | C] -- C:\My Documents
[2011/02/18 14:06:23 | 000,000,000 | ---D | C] -- C:\archive_db
[2011/02/18 14:05:35 | 000,000,000 | ---D | C] -- C:\Program Files\Paragon Software
[2011/02/18 14:05:20 | 000,000,000 | -HSD | C] -- C:\D
[2011/02/18 14:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/02/18 13:59:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
[2011/02/18 13:59:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Carbonite
[2011/02/18 13:59:32 | 000,000,000 | ---D | C] -- C:\Program Files\Carbonite
[2011/02/18 13:18:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Macromedia
[2011/02/18 13:18:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Adobe
[2011/02/18 13:18:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/02/18 13:15:30 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Google
[2011/02/18 13:15:09 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Deployment
[2011/02/18 13:15:09 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apps
[2011/02/18 12:30:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2011/02/18 11:35:56 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/02/18 11:35:56 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/02/18 11:35:56 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/02/18 11:26:13 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2011/02/18 11:24:18 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011/02/18 09:34:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/02/18 09:22:27 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/02/18 09:21:15 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/02/18 09:21:15 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2011/02/18 09:21:15 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/02/18 09:21:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/02/18 09:21:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/02/18 09:21:07 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011/02/18 09:21:07 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2011/02/18 09:21:07 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/02/18 09:21:06 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/02/18 09:21:06 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/02/18 09:20:59 | 002,329,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/02/18 09:20:58 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/02/18 09:20:58 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/02/18 09:20:58 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/02/18 09:20:58 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2011/02/18 09:20:55 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011/02/18 09:20:49 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011/02/18 09:20:47 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011/02/18 09:20:43 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2011/02/18 09:20:43 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011/02/18 09:20:43 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011/02/18 09:20:32 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/02/18 09:20:31 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/02/18 09:20:31 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/02/18 09:20:26 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/02/18 09:20:26 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/02/18 09:20:12 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/02/18 09:20:11 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011/02/18 09:20:05 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/02/18 09:20:05 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/02/18 09:20:05 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/02/18 09:20:05 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/02/18 09:20:05 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/02/18 09:20:05 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/02/18 09:20:04 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/02/18 09:20:04 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/02/18 09:20:04 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/02/18 09:19:49 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2011/02/18 09:19:46 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/02/18 09:19:45 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011/02/18 09:19:45 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011/02/18 09:19:44 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/02/18 09:19:44 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/02/18 09:19:44 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/02/18 09:19:33 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/02/18 09:19:33 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/02/18 09:19:29 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/02/18 09:19:29 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/02/18 09:19:29 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/02/18 09:19:29 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/02/18 09:19:28 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011/02/18 09:19:28 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011/02/18 09:19:28 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/02/18 09:19:28 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/02/18 09:19:28 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/02/18 09:19:28 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/02/18 09:19:20 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2011/02/18 09:19:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/02/18 09:19:19 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011/02/18 09:19:19 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011/02/18 09:19:19 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/02/18 09:19:19 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011/02/18 09:19:17 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011/02/18 09:19:17 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011/02/18 09:19:17 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011/02/18 09:19:17 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011/02/18 09:19:17 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011/02/18 09:19:17 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011/02/18 09:19:17 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011/02/18 09:19:17 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011/02/18 09:19:16 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/02/18 09:19:16 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/02/18 09:13:08 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011/02/18 09:13:08 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/02/17 22:45:22 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/02/17 22:39:06 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~Q
[2011/02/17 22:38:54 | 000,000,000 | -H-D | C] -- C:\$INPLACE.~TR
[2011/02/17 15:34:59 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Outlook Files
[2011/02/17 15:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/02/17 15:25:29 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft Help
[2011/02/17 15:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/02/17 15:25:23 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/02/17 15:02:50 | 000,000,000 | -H-D | C] -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/02/17 15:02:38 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011/02/17 14:49:20 | 000,000,000 | --SD | C] -- C:\Users\user\AppData\Roaming\Microsoft
[2011/02/17 14:49:20 | 000,000,000 | R--D | C] -- C:\Users\user\Videos
[2011/02/17 14:49:20 | 000,000,000 | R--D | C] -- C:\Users\user\Saved Games
[2011/02/17 14:49:20 | 000,000,000 | R--D | C] -- C:\Users\user\Pictures
[2011/02/17 14:49:20 | 000,000,000 | R--D | C] -- C:\Users\user\Music
[2011/02/17 14:49:20 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/02/17 14:49:20 | 000,000,000 | R--D | C] -- C:\Users\user\Links
[2011/02/17 14:49:20 | 000,000,000 | R--D | C] -- C:\Users\user\Favorites
[2011/02/17 14:49:20 | 000,000,000 | R--D | C] -- C:\Users\user\Downloads
[2011/02/17 14:49:20 | 000,000,000 | R--D | C] -- C:\Users\user\Documents
[2011/02/17 14:49:20 | 000,000,000 | R--D | C] -- C:\Users\user\Desktop
[2011/02/17 14:49:20 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start

(1/2)



VBS/Generic virus (2/2)

Post by MartinWellock on Wed 02 Mar 2011, 4:35 am

Menu\Programs\Accessories
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Temporary Internet Files
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\Templates
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\Start Menu
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\SendTo
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\Recent
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\PrintHood
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\NetHood
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\My Documents
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\Local Settings
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\History
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\Cookies
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\Application Data
[2011/02/17 14:49:20 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Application Data
[2011/02/17 14:49:20 | 000,000,000 | -H-D | C] -- C:\Users\user\AppData
[2011/02/17 14:49:20 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Temp
[2011/02/17 14:49:20 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft
[2011/02/17 14:49:20 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Media Center Programs
[2011/02/17 14:46:33 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/02/17 10:19:48 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

========== Files - Modified Within 30 Days ==========

[2011/03/01 17:01:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/01 16:20:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4237731300-1913835095-1307180357-1000UA.job
[2011/03/01 16:09:39 | 000,628,024 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/01 16:09:39 | 000,110,208 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/01 16:01:05 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/01 15:55:03 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/01 15:55:03 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/01 15:51:47 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/03/01 15:47:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/01 15:47:16 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011/03/01 15:47:11 | 1509,400,576 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/01 14:21:34 | 000,001,186 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2011/03/01 14:19:23 | 107,481,423 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/03/01 14:13:31 | 000,000,850 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4237731300-1913835095-1307180357-1000Core.job
[2011/02/27 10:25:15 | 000,000,238 | ---- | M] () -- C:\Windows\tasks\Epson Printer Software Downloader.job
[2011/02/26 10:20:05 | 003,033,192 | ---- | M] (Piriform Ltd) -- C:\Users\user\Documents\ccsetup304.exe
[2011/02/26 10:16:06 | 006,533,584 | ---- | M] (Xobni) -- C:\Users\user\XobniSetup.exe
[2011/02/26 09:52:41 | 000,408,152 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/02/26 09:22:42 | 000,001,105 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2011/02/22 15:18:53 | 002,620,118 | ---- | M] () -- C:\AVGInstLog.cab
[2011/02/19 13:49:24 | 000,001,092 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2011/02/19 12:45:23 | 000,037,660 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2011/02/17 22:45:09 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011/02/17 15:28:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/02/17 15:02:53 | 000,001,411 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/17 14:58:59 | 000,041,962 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/02/17 14:54:13 | 000,021,316 | ---- | M] () -- C:\Windows\System32\emptyregdb.dat
[2011/02/17 14:33:15 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/17 14:33:14 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/17 14:18:54 | 000,001,890 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/02/17 14:18:53 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/02/17 14:15:32 | 000,000,221 | -HS- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2011/02/17 13:58:14 | 000,131,072 | ---- | M] () -- C:\Windows\SPInstall.etl
[2011/02/17 10:39:12 | 027,721,728 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2011/02/17 10:39:12 | 000,131,072 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2011/02/17 10:39:11 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2011/02/03 05:45:07 | 000,219,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011/02/02 17:11:20 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

========== Files Created - No Company Name ==========

[2011/03/01 15:51:47 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/03/01 14:21:34 | 000,001,186 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2011/03/01 14:19:23 | 107,481,423 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/02/26 15:56:47 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/26 15:56:46 | 000,000,876 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/26 13:43:59 | 000,034,068 | ---- | C] () -- C:\Windows\System32\Repository.reg
[2011/02/26 13:43:58 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/02/26 09:22:42 | 000,001,105 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2011/02/22 15:18:53 | 002,620,118 | ---- | C] () -- C:\AVGInstLog.cab
[2011/02/21 09:40:37 | 000,000,238 | ---- | C] () -- C:\Windows\tasks\Epson Printer Software Downloader.job
[2011/02/21 09:31:41 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2011/02/21 09:31:41 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2011/02/21 09:31:41 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2011/02/21 09:31:41 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2011/02/21 09:31:41 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2011/02/21 09:31:41 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2011/02/21 09:31:41 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2011/02/21 09:31:41 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2011/02/21 09:31:41 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2011/02/21 09:31:41 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2011/02/21 09:31:40 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2011/02/21 09:31:40 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2011/02/21 09:31:40 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2011/02/21 09:31:40 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2011/02/21 09:31:40 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2011/02/21 09:31:40 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2011/02/21 09:31:40 | 000,013,732 | ---- | C] () -- C:\Windows\System32\EPPICLocal_EN.cfg
[2011/02/21 09:31:40 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2011/02/21 09:31:40 | 000,006,442 | ---- | C] () -- C:\Windows\System32\EPPICLocal_IT.cfg
[2011/02/21 09:31:40 | 000,006,347 | ---- | C] () -- C:\Windows\System32\EPPICLocal_PT.cfg
[2011/02/21 09:31:40 | 000,006,347 | ---- | C] () -- C:\Windows\System32\EPPICLocal_BP.cfg
[2011/02/21 09:31:40 | 000,006,335 | ---- | C] () -- C:\Windows\System32\EPPICLocal_GE.cfg
[2011/02/21 09:31:40 | 000,006,195 | ---- | C] () -- C:\Windows\System32\EPPICLocal_FR.cfg
[2011/02/21 09:31:40 | 000,006,195 | ---- | C] () -- C:\Windows\System32\EPPICLocal_CF.cfg
[2011/02/21 09:31:40 | 000,006,122 | ---- | C] () -- C:\Windows\System32\EPPICLocal_DU.cfg
[2011/02/21 09:31:40 | 000,006,103 | ---- | C] () -- C:\Windows\System32\EPPICLocal_ES.cfg
[2011/02/21 09:31:40 | 000,005,817 | ---- | C] () -- C:\Windows\System32\EPPICLocal_KO.cfg
[2011/02/21 09:31:40 | 000,005,436 | ---- | C] () -- C:\Windows\System32\EPPICLocal_SC.cfg
[2011/02/21 09:31:40 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2011/02/21 09:31:40 | 000,002,889 | ---- | C] () -- C:\Windows\System32\EPPICLocal_RU.cfg
[2011/02/21 09:31:40 | 000,002,426 | ---- | C] () -- C:\Windows\System32\EPPICLocal_TC.cfg
[2011/02/21 09:31:40 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2011/02/19 18:39:23 | 000,001,912 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SugarSync Manager.lnk
[2011/02/19 13:49:24 | 000,001,092 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2011/02/19 12:45:17 | 000,037,660 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2011/02/18 19:00:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011/02/18 13:15:41 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4237731300-1913835095-1307180357-1000UA.job
[2011/02/18 13:15:40 | 000,000,850 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4237731300-1913835095-1307180357-1000Core.job
[2011/02/17 15:28:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/02/17 15:02:53 | 000,001,417 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/02/17 15:00:03 | 1509,400,576 | -HS- | C] () -- C:\hiberfil.sys
[2011/02/17 14:54:14 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011/02/17 14:49:20 | 000,000,290 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/02/17 14:49:20 | 000,000,272 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/02/17 14:48:57 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/02/17 14:48:55 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/02/17 14:48:28 | 000,011,104 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/17 14:48:28 | 000,011,104 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/17 13:44:22 | 000,131,072 | ---- | C] () -- C:\Windows\SPInstall.etl
[2011/02/17 10:33:55 | 000,131,072 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2011/02/17 10:33:55 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2011/02/17 10:33:54 | 027,721,728 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2011/02/16 15:11:24 | 000,001,411 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/16 15:07:58 | 000,001,890 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011/02/16 15:07:58 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2010/11/10 02:45:32 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2010/11/10 02:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010/11/10 02:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2009/10/07 01:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/10/07 01:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/07/14 04:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:33:53 | 000,408,152 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 02:05:48 | 000,628,024 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 02:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 02:05:48 | 000,110,208 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 02:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 02:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 02:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 23:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 23:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 21:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >
[2009/07/14 04:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 04:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 04:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 04:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 21:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/07/14 01:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2009/07/14 01:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/14 04:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/07/14 04:46:35 | 000,000,442 | -HS- | M] () -- C:\ProgramData\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/02/17 14:15:32 | 000,000,221 | -HS- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2011/02/17 15:02:53 | 000,000,221 | -HS- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >
[2011/02/26 10:16:06 | 006,533,584 | ---- | M] (Xobni) -- C:\Users\user\XobniSetup.exe

< %systemroot%\ADDINS\*.* >
[2009/06/10 21:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\addins\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2011/02/18 12:38:26 | 000,000,402 | -HS- | M] () -- C:\Users\user\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 01:15:19 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\eventcls.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.sys >
[2009/07/13 21:40:41 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS
[2009/07/14 01:26:21 | 000,249,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2009/07/13 21:40:44 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys
[2009/07/13 21:40:40 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS
[2009/07/13 21:40:43 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS
[2009/07/13 21:40:43 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS
[2009/07/13 21:40:23 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS
[2009/07/13 21:40:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS
[2009/07/13 21:40:35 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS
[2009/07/13 21:40:39 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS
[2009/07/13 21:40:27 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS
[2009/07/13 21:40:11 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS
[2009/07/13 21:40:15 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS
[2009/07/13 21:40:17 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS
[2009/07/13 21:40:19 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS
[2009/07/13 21:40:13 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS
[2011/01/05 03:37:38 | 002,329,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

< %systemroot%\system32\drivers\*.dll >
[2009/10/07 01:23:08 | 000,013,584 | ---- | M] () -- C:\Windows\System32\drivers\iKeyLFT2.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2009/07/14 01:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2009/07/14 01:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll

< %SYSTEMDRIVE%\*.* >
[2010/09/23 19:15:32 | 000,001,024 | ---- | M] () -- C:\.rnd
[2009/06/10 21:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2011/02/22 15:18:53 | 002,620,118 | ---- | M] () -- C:\AVGInstLog.cab
[2009/07/14 01:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2011/02/17 22:45:09 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009/06/10 21:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/03/01 15:47:11 | 1509,400,576 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/01 15:47:11 | 2012,536,832 | -HS- | M] () -- C:\pagefile.sys

< %PROGRAMFILES%\*. >
[2011/02/18 14:37:39 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2011/02/21 09:36:09 | 000,000,000 | ---D | M] -- C:\Program Files\ABBYY FineReader 6.0 Sprint
[2011/02/18 14:37:45 | 000,000,000 | ---D | M] -- C:\Program Files\Advanced Registry Optimizer
[2011/02/18 14:37:57 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/02/26 10:08:49 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2011/02/18 13:59:32 | 000,000,000 | ---D | M] -- C:\Program Files\Carbonite
[2011/02/26 10:20:33 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2011/02/26 09:08:10 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011/02/18 14:42:27 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2011/02/18 14:42:29 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
[2011/02/18 14:42:43 | 000,000,000 | ---D | M] -- C:\Program Files\Easy CD-DA Extractor 2010
[2011/02/21 09:32:43 | 000,000,000 | ---D | M] -- C:\Program Files\epson
[2011/02/18 14:44:03 | 000,000,000 | ---D | M] -- C:\Program Files\Epson Software
[2011/02/18 14:46:41 | 000,000,000 | ---D | M] -- C:\Program Files\EpsonNet
[2011/02/18 14:47:29 | 000,000,000 | ---D | M] -- C:\Program Files\Foxit Software
[2011/02/26 15:56:38 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/02/18 14:50:26 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/02/18 14:50:29 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/02/18 14:50:31 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/02/18 14:54:05 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2011/02/18 14:54:41 | 000,000,000 | ---D | M] -- C:\Program Files\LogMeIn
[2011/02/26 09:05:15 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Analysis Services
[2011/02/28 03:01:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/02/18 14:55:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/02/26 09:07:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/02/26 09:28:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/02/26 09:28:47 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Synchronization Services
[2011/02/26 09:07:47 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/02/18 14:56:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2011/02/26 08:47:59 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2011/02/18 14:56:56 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/02/18 14:59:19 | 000,000,000 | ---D | M] -- C:\Program Files\Nokia
[2011/02/18 14:59:22 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2011/02/18 14:59:24 | 000,000,000 | ---D | M] -- C:\Program Files\Paragon Software
[2011/02/18 14:59:47 | 000,000,000 | ---D | M] -- C:\Program Files\PC Connectivity Solution
[2011/02/18 14:59:53 | 000,000,000 | ---D | M] -- C:\Program Files\PC Tools Firewall Plus
[2011/02/18 14:59:54 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/02/18 15:00:02 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2011/02/19 18:39:23 | 000,000,000 | ---D | M] -- C:\Program Files\SugarSync
[2011/02/18 15:00:04 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom International B.V
[2009/07/14 04:53:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/02/17 14:50:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2011/02/17 14:50:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2011/02/18 15:00:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/07/14 07:49:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2011/02/18 15:00:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2011/02/18 15:00:12 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2011/02/18 15:00:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011/02/17 14:50:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2011/02/18 15:00:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
[2009/07/14 04:52:32 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2011/02/18 15:00:54 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar

< %appdata%\*.* >
[2011/02/19 12:45:23 | 000,037,660 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft Excel 97-2003.ADR


< MD5 for: AGP440.SYS >
[2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 01:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 01:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: DISK.SYS >
[2009/07/14 01:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys
[2009/07/14 01:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys
[2009/07/14 01:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys

< MD5 for: IASTORV.SYS >
[2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 01:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/14 01:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2007/01/05 21:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_29af12c5857181b0\nvstor.sys
[2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 01:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/14 01:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: USBSTOR.SYS >
[2009/07/13 23:51:19 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=D8889D56E0D27E57ED4591837FE71D27 -- C:\Windows\System32\drivers\USBSTOR.SYS
[2009/07/13 23:51:19 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=D8889D56E0D27E57ED4591837FE71D27 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_x86_neutral_83027f5d5b2468d3\USBSTOR.SYS
[2009/07/13 23:51:19 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=D8889D56E0D27E57ED4591837FE71D27 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7600.16385_none_485ca4d9f926b0b4\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-02-28 03:01:17

< End of report >

MartinWellock

Unborn

Posts : 2
Joined : 2011-03-02
Operating System : 7

Re: VBS/Generic virus

Post by Belahzur on Wed 02 Mar 2011, 1:11 pm

Hello.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


@RealBelahzur - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre
